/ Privacy policy

Privacy Policy

Last updated March 7, 2026

Fable ("we", "us", "our") operates usefable.vercel.app. This policy explains what information we collect, why we collect it, and how it's handled. We've written it to be readable, not to bury things in legalese.

What we collect

Information you give us

  • Account information — your name and email address when you sign up.
  • Profile data — your display name, business name, logo, and brand color if you add them in Settings.
  • Project data — project names, client names, client emails, files you upload, comments, invoices, and meeting details you create.
  • Billing information — your subscription plan. We don't store your card details — payments are handled by Polar and Stripe.
  • Waitlist email — if you join the waitlist before signing up.

Information collected automatically

  • Portal view data — when a client opens a project portal, we record the time so you can see read receipts. We don't track individual client behaviour beyond this.
  • Usage data — basic server logs (IP address, browser type, pages visited). We don't run advertising trackers or sell this data.

How we use it

  • To provide and operate the Fable service
  • To send transactional emails — invoice notifications, meeting invites, day-of reminders
  • To send you product updates if you've opted in (you can opt out any time)
  • To improve the product — understanding which features are used
  • To process subscription payments

We do not sell your data. We do not use your data for advertising.

Who we share it with

We use a small number of trusted third-party services to run Fable:

  • Supabase — database and file storage (EU/US data centres)
  • Resend — transactional email delivery
  • Polar — subscription billing
  • Stripe — payment processing for invoice links your clients use
  • Vercel — hosting and infrastructure

Each of these processors handles data under their own privacy policies and data processing agreements. We don't share your data with anyone else.

Your client's data

When you add a client to a project, you're responsible for having the right to share their name and email with us. We use that information only to send them portal access and project-related notifications. We never contact your clients for marketing purposes.

Data retention

We keep your data as long as your account is active. If you delete your account, we remove your personal data and project data within 30 days. Uploaded files are deleted from storage at the same time. Some anonymised usage statistics may be retained longer.

Your rights

You have the right to:

  • Access the data we hold about you
  • Request a copy of your data
  • Correct inaccurate data
  • Delete your account and data
  • Withdraw consent for marketing emails

To exercise any of these, email us at privacy@usefable.com. We'll respond within 30 days.

Cookies

We use a single session cookie to keep you logged in. We don't use advertising cookies or third-party tracking. No cookie banner needed.

Security

All data is transmitted over HTTPS. We use Supabase Row Level Security so users can only access data they own. Passwords are hashed by Supabase Auth and never stored in plain text.

Changes to this policy

If we make material changes, we'll notify you by email. The updated date at the top of this page reflects the most recent revision.

Contact

Questions? Email privacy@usefable.com